
Learn about Windows 10 Secure Kernel



Presentation on theme: "Learn about Windows 10 Secure Kernel"— Presentation transcript:

1 Learn about Windows 10 Secure Kernel
Microsoft 2016, 5/7/2018 10:47 PM, BRK4010
Sami Laiho, Technical Advisor – Applixure; Senior Technical Fellow – Adminize.com/Names.fi; PluralSight Author
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 WHOAMI /ALL

3 Sami Laiho, Senior Technical Fellow, adminize.com
- IT Admin since 1996
- MVP in Windows OS since 2011
- PluralSight Author
- Specializes in and trains: troubleshooting and OS internals, security
- More info:
Trophies:
- NIC: Best Speaker
- Ignite 2015: Best male presenter ;)
- TechEd Europe 2014: Best session
- TechEd North America: Best session, Best speaker
- TechEd Australia: Best session, Best speaker
- TechEd Europe: Best Session by an external speaker

4 Finnish Lesson: Finnish is simple!
English: NUCLEAR POWER PLANT'S STEAM CONDENSATION COMPRESSOR'S GEAR BOX
Finnish: YDINREAKTORIGENERAATTORILAUHDUTTAJATURBIINIRATASVAIHDE

5 Finns are sometimes quiet
Especially in the northern parts

6 I got Certs

7 2.6 pounds of them

8 Housekeeping
In my 75-minute breakout sessions (BRK3295 and BRK4021) I'll exchange business cards for swag.

9 Modes and Rings: Windows supports two modes/rings
- Ring 3 – User Mode
- Ring 0 – Kernel Mode
What happened to rings 1 and 2? What are rings -1 and -2?

10 Traditional Kernel Mode vs User Mode

11 Normal and Secure Mode (diagram)
NORMAL MODE: USER MODE on top of KERNEL
SECURE MODE: ISOLATED USER MODE on top of SECURE KERNEL
Both sit on top of the HYPERVISOR

12 How does it work technically?
- The hypervisor now associates a Virtual Trust Level (VTL) with each Virtual Processor (VP)
- Two VTLs are defined today (higher = more privileged); more are supported
- VTL 0, the Normal World
- VTL 1, the Secure World

13 How does it work technically?
- The hypervisor uses Enhanced Page Tables (EPT), which now essentially have a VTL associated with them
- VTL 0 access to VTL 1 pages can be controlled:
  - Blocking +R → allows hiding cryptographic secrets (Credential Guard)
  - Blocking +RX (or +RWX) → allows preventing execution of code, or modification of code (Device Guard)
  - Blocking +W → allows preventing modification of executable pages shared with VTL 1
- With VSM, the hypervisor no longer implicitly trusts the root partition

14 Isolated User Mode
- User Mode that is protected from the code in the normal Kernel Mode
- Normally the kernel has full visibility into user-mode processes' memory

15 Secure Kernel: IUM runs on top of the Secure Kernel (Secure System)
- Known as SK, SKM, or SMART (Secure Mode Application RunTime)
- Not a real kernel but more a proxy that talks to the real kernel and marshals the transactions
- Does not implement what the normal kernel already does
- SECUREKERNEL.exe is 300KB compared to 8MB for the normal kernel

16 Secure Kernel: the Secure Kernel cannot be extended like the normal kernel
- Only accessible to Microsoft, not to 3rd parties
- All Trustlets need to be signed by Microsoft with a certain kind of certificate
- All crypto code and challenge/response handling lives here so it stays private to Virtual Secure Mode
- To communicate with other trustlets it uses Storage Blobs
- The Normal Mode kernel (NTOSKRNL) uses Mailboxes

17 Traditional Kernel Mode vs User Mode (diagram)
KERNEL MODE and ISOLATED USER MODE / SECURE KERNEL, connected through a SHARED BUFFER (Marshall), all on top of the HYPERVISOR

18 How come the Kernel is not able to access the memory of the Secure Kernel?

19 Traditional Virtual Memory (diagram)
Process 0 asks: Virtual Address 6789?
Page table, Process 0 (V-Address -> P-Address, ACCESSMASK):
  xxxx -> yyyy  z-z-z
  6789 -> 0x    R-X
Process 1 asks: Virtual Address 6789?
Page table, Process 1 (V-Address -> P-Address, ACCESSMASK):
  xxxx -> yyyy  z-z-z
  6789 -> 0x    RW-

20 SLAT: Hypervisors and VMs (diagram)
VM 1 (VIRTUAL RAM) asks: Physical Address?
Page table, VM 1 (GPA -> SPA, ACCESSMASK):
  xxxx  -> yyyy  z-z-z
  67890 -> 0x    R-X
VM 2 (VIRTUAL RAM) asks: Physical Address?
Page table, VM 2 (GPA -> SPA, ACCESSMASK):
  xxxx  -> yyyy  z-z-z
  67890 -> 0x    R-X

21 Kernel and Secure Kernel have their own SLATs (diagram)
USER MODE / KERNEL MODE with its own SLAT; ISOLATED USER MODE / SECURE KERNEL with its own SLAT; connected through a SHARED BUFFER (Marshall), all on top of the HYPERVISOR

22 Hypervisors and VMs: SLAT for KERNEL vs SLAT for SECURE KERNEL (VSM) (diagram)
KERNEL (VIRTUAL RAM), SLAT page table (GPA -> SPA, ACCESSMASK):
  67890 -> 0x    - - -
SECURE KERNEL / VSM (VIRTUAL RAM), SLAT page table VSM (GPA -> SPA, ACCESSMASK):
  67890 -> 0x    R - X
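The following is an added example, not part of the deck, that models what slides 13 and 19-22 draw: a guest page table (VA to GPA with the mask the normal kernel sees) followed by a per-VTL SLAT (GPA to SPA with its own mask), so that the same guest-physical page is readable from VTL 1 but invisible or unwritable from VTL 0. All addresses, masks and the three page roles are constructed for illustration.

```python
# Added example, not from the slides: a toy model of the two translation
# stages the deck draws. The guest page table maps VA -> GPA with the
# access mask the (normal) kernel sees; each VTL then has its own SLAT
# mapping GPA -> SPA with its own mask, so one GPA can be R-X in VTL 1 and
# "- - -" in VTL 0. All addresses and masks are constructed.

PAGE_FAULT = "page fault"        # guest page table denied the access
EPT_VIOLATION = "EPT violation"  # SLAT of the current VTL denied the access

# Guest page table: VA -> (GPA, mask). Page 0x6790 is deliberately marked
# RWX here to show that a writable guest PTE alone does not grant writes.
GUEST_PT = {
    0x6789: (0x67890, "RW"),   # page holding a Credential Guard secret
    0x6790: (0x67900, "RWX"),  # kernel code page under HVCI
    0x6791: (0x67910, "RW"),   # ordinary normal-world data page
}

# Per-VTL SLAT: GPA -> (SPA, mask). Models slide 13's policies for VTL 0:
#   secret page: no R (secret stays hidden), code page: no W (no patching),
#   data page: untouched. VTL 1 masks are illustrative only.
SLAT = {
    0: {0x67890: (0x1000, ""),   0x67900: (0x2000, "RX"), 0x67910: (0x3000, "RW")},
    1: {0x67890: (0x1000, "RX"), 0x67900: (0x2000, "RW"), 0x67910: (0x3000, "RW")},
}

def translate(vtl, va, op):
    """Walk VA -> GPA -> SPA for code running at `vtl`; op is 'R', 'W' or 'X'.
    Returns the system physical address, PAGE_FAULT if the guest page table
    does not map/permit it, or EPT_VIOLATION if that VTL's SLAT forbids it."""
    entry = GUEST_PT.get(va)
    if entry is None or op not in entry[1]:
        return PAGE_FAULT
    gpa, _ = entry
    spa, mask = SLAT[vtl].get(gpa, (None, ""))
    if spa is None or op not in mask:
        return EPT_VIOLATION  # the hypervisor, not the kernel, stops this
    return spa

def access_matrix(vtl):
    """Map each VA to its R/W/X outcome as seen from the given VTL."""
    return {hex(va): {op: translate(vtl, va, op) for op in "RWX"}
            for va in GUEST_PT}

if __name__ == "__main__":
    for vtl in (0, 1):
        print(f"VTL {vtl}:", access_matrix(vtl))
```

Running it shows the secret page as an EPT violation for every VTL 0 access even though the guest page table marks it RW, which is the property slides 18 and 22 are getting at.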

23 So what is VSM, really? It's not really a VM but functionality made possible by virtualization technology

24 Trustlets: processes running in Virtual Secure Mode
- Currently not available to developers
- Require a certain Process ID or a GUID
- In the future: anything that needs secrets to stay secret
- Currently four trustlets:
  - LSAISO = Credential Guard
  - BIOISO = Biometrics information
  - vTPM = Virtual TPM
  - HVCI = Kernel Mode Code Integrity

25 To keep it secure, we need to:
- Be able to trust the Boot Loader and UEFI → Secure Boot
- Be able to block DMA from changing the memory → IO-MMU
- Be able to store secrets securely → TPM

26 IO-MMU: I/O Memory Management Unit, known as Intel VT-d / AMD-Vi
- An MMU for devices, as opposed to processors
- Where an MMU translates virtual to physical addresses for a CPU accessing your system's memory, an IOMMU translates virtual to physical addresses for devices
- Hardware-based protection against DMA access
- Protects against buggy drivers and malicious code
- Works with SLAT
- Makes sure a device or VM won't have access to physical memory addresses not meant for it

27 Enabling Secure Kernel
- You need SLAT and should have Secure Boot, a TPM and an IO-MMU
- Before the 1607 release you needed to change the BCD store and add the features called Isolated User Mode and Hyper-V
- Since 1607 you just enable Hyper-V

28 Secure Kernel Memory (in)accessibility (demo), Sami Laiho

29 Want to learn more?

30 Please evaluate this session
Your feedback is important to us! From your PC or tablet visit MyIgnite at, or from your phone download and use the Ignite Mobile App by scanning the QR code above or visiting


